12 matches found
EUVD-2025-7318
Malicious code in bioql PyPI...
Server Side Request Forgery (SSRF)
nossrf is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to improper hostname validation, allowing attackers to bypass the protection mechanism and access local or reserved IP addresses...
CVE-2025-2691
Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery SSRF where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism...
GHSA-VM77-MR48-27WJ nossrf Server-Side Request Forgery (SSRF)
Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery SSRF, where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism...
nossrf Server-Side Request Forgery (SSRF)
Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery SSRF, where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism...
CVE-2025-2691
Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery SSRF where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism...
CVE-2025-2691
Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery SSRF where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism...
CVE-2025-2691
Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery SSRF where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism...
CVE-2025-2691
CVE-2025-2691 affects the package nossrf prior to version 1.0.4. The vulnerability is Server-Side Request Forgery (SSRF) where an attacker can supply a hostname that resolves to a local or reserved IP address, bypassing the SSRF protection mechanism. Summary of what is known from connected docume...
CVE-2025-2691
Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery SSRF where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism...
Server-Side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-Side Request Forgery SSRF where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism. PoC 1 Define an app.js file with the programmatic API of nossrf as...
nossrf 安全漏洞
nossrf is a Snyk open source package. A security vulnerability exists in versions prior to nossrf 1.0.4 that stems from an attacker being able to bypass SSRF protection mechanisms by providing hostnames that resolve to local or reserved IP address spaces...